static code analysis reports problem in MD5Final

Hi,

Coverity says:

2149static void
2150MD5Final(unsigned char digest[16], MD5_CTX *ctx)
2151{
2152        unsigned count;
2153        unsigned char *p;
2154
2155        /* Compute number of bytes mod 64 */
2156        count = (ctx->bits[0] >> 3) & 0x3F;
2157
2158        /* Set the first char of padding to 0x80.  This is safe since there 
is
2159           always at least one byte free */
2160        p = ctx->in + count;
2161        *p++ = 0x80;
2162
2163        /* Bytes of padding needed to make 64 bytes */
2164        count = 64 - 1 - count;
2165
2166        /* Pad out to 56 mod 64 */
2167        if (count < 8) {
2168                /* Two lots of padding:  Pad the first block to 64 bytes */
2169                memset(p, 0, count);
2170                byteReverse(ctx->in, 16);
2171                MD5Transform(ctx->buf, (uint32_t *) ctx->in);
2172
2173                /* Now fill the next block with 56 bytes */
2174                memset(ctx->in, 0, 56);
2175        } else {
2176                /* Pad block to 56 bytes */
2177                memset(p, 0, count - 8);
2178        }
2179        byteReverse(ctx->in, 14);
2180
2181        /* Append length in bits and transform */
2182        ((uint32_t *) ctx->in)[14] = ctx->bits[0];
2183        ((uint32_t *) ctx->in)[15] = ctx->bits[1];
2184
2185        MD5Transform(ctx->buf, (uint32_t *) ctx->in);
2186        byteReverse((unsigned char *) ctx->buf, 4);
2187        memcpy(digest, ctx->buf, 16);
Passing argument "ctx" of type "MD5_CTX *" and argument "sizeof (ctx) /*4*/" to 
function "memset" is suspicous. Did you intend to use "sizeof(*ctx)" instead of 
"sizeof (ctx)" ?
2188        memset((char *) ctx, 0, sizeof(ctx));   /* In case it's sensitive */
2189}
2190#endif /* !HAVE_MD5 */

Is it rather
memset((char *) ctx, 0, sizeof(*ctx)); ???

bye
Christoph

Original issue reported on code.google.com by cruppst...@gmail.com on 24 Jan 2011 at 12:09

kuksugen / mongoose

static code analysis reports problem in MD5Final #221